LVS-keepalived双机热备部署

原创

wx60c1bd2f06738 2021-06-10 22:44:08 ©著作权

文章标签 Linux基础 LVS教程 文章分类 运维

©著作权归作者所有：来自51CTO博客作者wx60c1bd2f06738的原创作品，请联系作者获取转载授权，否则将追究法律责任

需要准备6台虚拟机

LVS-keepalived双机热备部署_Linux基础

创建访问页面

LVS-keepalived双机热备部署_LVS教程_02

修改vim /etc/exports允许20和30访问

/web 192.168.100.20(rw) 192.168.100.30(rw)

LVS-keepalived双机热备部署_Linux基础_03

设置服务

LVS-keepalived双机热备部署_LVS教程_04

查看可以访问这个主机的ip

showmount -e 192.168.100.10

安装http服务

yum -y install httpd

LVS-keepalived双机热备部署_LVS教程_06

配置首页并且启动服务

echo "www.benet.com" > /var/www/html/index.html

LVS-keepalived双机热备部署_Linux基础_07

LVS-keepalived双机热备部署_LVS教程_08

安装ipvsadm keepalived 04-05

LVS-keepalived双机热备部署_Linux基础_09

LVS-keepalived双机热备部署_LVS教程_10

LVS-keepalived双机热备部署_LVS教程_11

修改配置文件

vim /etc/keepalived/keepalived.conf

vrrp_instance VI_1 {

state MASTER

interface ens32

virtual_router_id 51

priority 100

advert_int 1

authentication {

auth_type PASS

auth_pass 1111

}

192.168.100.253

}

lb_kind DR

persistence_timeout 50

protocol TCP

real_server 192.168.100.20 80 {

weight 1

TCP_CHECK {

connect_port 80

connect_timeout 3

nb_get_retry 3

}

lb_kind DR

persistence_timeout 50

protocol TCP

real_server 192.168.100.30 80 {

weight 1

TCP_CHECK {

connect_port 80

connect_timeout 3

nb_get_retry 3

delay_before_retry 3

}

测试配置

LVS-keepalived双机热备部署_LVS教程_12

LVS-keepalived双机热备部署_LVS教程_14

05的配置

! Configuration File for keepalived

global_defs {

router_id LVS_BACKUP

}

vrrp_instance VI_1 {

state BACKUP

interface ens32

virtual_router_id 51

priority 90

advert_int 1

authentication {

auth_type PASS

auth_pass 1111

}

virtual_ipaddress {

192.168.100.253

}

virtual_server 192.168.100.254 80 {

delay_loop 6

lb_algo rr

lb_kind DR

persistence_timeout 50

protocol TCP

real_server 192.168.100.20 80 {

weight 1

TCP_CHECK {

connect_port 80

connect_timeout 3

nb_get_retry 3

delay_before_retry 3

}

virtual_server 192.168.100.253 80 {

delay_loop 6

lb_algo rr

lb_kind DR

persistence_timeout 50

protocol TCP

real_server 192.168.100.30 80 {

weight 1

TCP_CHECK {

connect_port 80

connect_timeout 3

nb_get_retry 3

delay_before_retry 3

}

检查漂移地址

ipvsadm -ln

LVS-keepalived双机热备部署_LVS教程_15

配置

DEVICE=lo:0

IPADDR=192.168.100.253

NETMASK=255.255.255.255

NETWORK=127.0.0.0

# If you're having problems with gated making 127.0.0.0/8 a martian,

# you can change this to something else (255.255.255.255, for example)

BROADCAST=127.255.255.255

ONBOOT=yes

NAME=loopback

LVS-keepalived双机热备部署_Linux基础_16

LVS服务器配置keepalived主节点内核参数 2台都需要配置

net.ipv4.conf.all.send_redirects = 0

net.ipv4.conf.default.send_redirects = 0

net.ipv4.conf.ens32.send_redirects = 0

LVS-keepalived双机热备部署_Linux基础_17

WEB服务器

LVS-keepalived双机热备部署_Linux基础_18

net.ipv4.conf.all.arp_ignore = 1

net.ipv4.conf.all.arp_announce = 2

net.ipv4.conf.default.arp_ignore = 1

net.ipv4.conf.default.arp_announce = 2

net.ipv4.conf.lo.arp_ignore = 1

net.ipv4.conf.lo.arp_announce = 2

配置内网ip

LVS-keepalived双机热备部署_LVS教程_19

指定默认网关

GATEWAY=192.168.100.254

LVS-keepalived双机热备部署_LVS教程_20

echo "GATEWAY=192.168.100.254" >> /etc/sysconfig/network-scripts/ifcfg-ens32 &&

systemctl restart network

LVS-keepalived双机热备部署_Linux基础_21

网关配置路由

net.ipv4.ip_forward = 1

启动防火墙

LVS-keepalived双机热备部署_Linux基础_23

设置防火墙规则

firewall-cmd --add-interface=ens32 --zone=trusted

firewall-cmd --add-interface=ens34 --zone=external

firewall-cmd --set-default-zone=trusted

LVS-keepalived双机热备部署_Linux基础_24

配置外网ip 添加一块外网网卡

vim /etc/sysconfig/network-scripts/ifcfg-ens34

TYPE=Ethernet

BOOTPROTO=static

NAME=ens34

DEVICE=ens34

ONBOOT=yes

IPADDR=192.168.200.254

NETMASK=255.255.255.0

PROXY_METHOD=none

BROWSER_ONLY=no

PREFIX=24

IPV4_FAILURE_FATAL=no

IPV6INIT=no

ZONE=external

查看防火墙区域

firewall-cmd --get-zone-of-interface=ens32

firewall-cmd --get-zone-of-interface=ens34

firewall-cmd --get-default-zone

LVS-keepalived双机热备部署_LVS教程_25

查看ip伪装

firewall-cmd --zone=external --remove-masquerade

LVS-keepalived双机热备部署_LVS教程_26

删除伪装

firewall-cmd --list-all --zone=external

LVS-keepalived双机热备部署_Linux基础_27

配置伪装映射

firewall-cmd --zone=external --add-rich-rule='rule family=ipv4 source address=192.168.100.0/24 masquerade'

将外网端口映射到内网

firewall-cmd --zone=external --add-rich-rule='rule family=ipv4

destination address=192.168.200.254/32 forward-port port=80

protocol=tcp to-addr=192.168.100.253'

LVS-keepalived双机热备部署_Linux基础_29

允许http访问

firewall-cmd --add-service=http --zone=external

firewall-cmd --list-all --zone=external

LVS-keepalived双机热备部署_Linux基础_30

安装dns

yum -y install bind bind-utils bind-chroot

LVS-keepalived双机热备部署_LVS教程_31

cat /etc/named.conf

options {

listen-on port 53 { any; };

directory "/var/named";

};

zone "benet.com." IN {

type master ;

file "benet.com.zone";

};

named-checkconf /etc/named.conf

cat /var/named/benet.com.zone

$TTL 86400

@ SOA benet.com. root.benet.com. (

2020081210

15M

)

@ NS centos06.benet.com.

centos06 A 192.168.200.254

www A 192.168.200.254

named-checkzone benet.com /var/named/benet.com.zone

给外网网卡指定dns服务器

echo "DNS1=192.168.200.254" >> /etc/sysconfig/network-scripts/ifcfg-ens34

客户端指定

LVS-keepalived双机热备部署_LVS教程_32

配置防火墙允许dns访问

firewall-cmd --add-service=dns --zone=external

配置网站服务器自动挂载共享目录 2台web服务器都要配置

LVS-keepalived双机热备部署_LVS教程_34

192.168.100.10:/web /var/www/html nfs defaults,_netdev 0 0

重启生效

查看挂载

LVS-keepalived双机热备部署_LVS教程_36

LVS-keepalived双机热备部署_Linux基础_37

客户端访问测试

http://www.benet.com/

LVS-keepalived双机热备部署_LVS教程_38

上一篇：LVS_keepalived双机热备

下一篇：awk

提问和评论都可以，用心的回复会被更多人看到评论

发布评论

相关文章

官方博客	全部文章	热门标签	班级博客
了解我们	网站地图	意见反馈

鸿蒙开发者社区	51CTO学堂
51CTO	软考资讯